公开(公告)号：US11216563B1

公开(公告)日：2022-01-04

申请号：US15600554

申请日：2017-05-19

Applicant: Amazon Technologies, Inc.

Inventor： Vladimir Veselov ,  Aparna Nagargadde ,  Adrian-Radu Grajdeanu

IPC: G06F21/00 ,  G06F21/57 ,  H04L29/06 ,  G06F9/455

Abstract: Systems for performing a security assessment of a target computing resource, such as a virtual machine or an instance of a virtual machine, include a scanning service that facilitates duplication of all or a portion of the target computing resource, and then performs the security assessment on the duplicate computing resource to avoid consuming processing time, processing power, and storage space of the target computing resource. A snapshot of the target computing resource, containing the data necessary to reproduce the portion to be assessed, is captured and used to implement the duplicate computing resource in newly allocated resources. The snapshot can be an image of a logical volume implementing the target computing resource. To reproduce a target virtual machine, the snapshot may include a configuration used to instantiate the target virtual machine; the scanning service may implement a duplicate virtual machine that is instantiated with the same configuration.

公开(公告)号：US10706155B1

公开(公告)日：2020-07-07

申请号：US15719450

申请日：2017-09-28

Applicant: Amazon Technologies, Inc.

Inventor： Vladimir Veselov ,  Adrian-Radu Grajdeanu ,  Hassan Sultan

IPC: G06F21/57 ,  G06F9/455

Abstract: Systems for providing a security assessment of a target computing resource, such as a virtual machine or an instance of a virtual machine, include a security assessments provisioning service that provisions third-party-authored rules packages and security assessments into the computing environment of the target computing resource. The third-party rules package includes rules that can operate on telemetry and configuration data of the target computing resource, produced by sensors that are native to the computing environment, but the sensor protocols, message format, and sensitive data are not exposed to the rules. The provisioning service can provide security assessments and/or rules packages that are “native” and are thus able to operate directly on the telemetry and configuration data.